Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security Protocols

Security Protocols 2003: Security Protocols pp 178–182Cite as

Enforcing the Unenforceable

  • Conference paper

  • 708 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3364))

Abstract

A security policy is intended to regulate the behaviour of a socio-technical system (computers, networks and humans) in such a way as to ensure that certain properties are maintained or goals achieved. Two problems arise here: regulating the behaviour of humans is non-trivial and, secondly, many security goals are not ”enforceable” in the Schneider sense,[1]. Thus, security policy mechanisms inevitably involve approximations and trade-offs.

We discuss the theoretical and practical limitations on what is technically enforceable and argue for the need for models that encompass social as well as technical enforcement mechanisms.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Schneider, F.B.: Enforceable Security Policies. ACM Transactions on Information and System Security 3(1), 30–50 (2000)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Newcastle upon Tyne, Newcastle upon Tyne, UK

    Peter Y. A. Ryan

Authors
  1. Peter Y. A. Ryan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Systems Group, Vrije Universiteit, Amsterdam, The Netherlands

    Bruno Crispo

  2. Georgia Institute of Technology, Atlanta, GA

    James A. Malcolm

  3. Microsoft Research, Cambridge, UK

    Michael Roe

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ryan, P.Y.A. (2005). Enforcing the Unenforceable. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_22

Download citation

  • DOI: https://doi.org/10.1007/11542322_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28389-8

  • Online ISBN: 978-3-540-31836-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation